app.gomtv.com

Gretech Corp.

Domain Information

The domain app.gomtv.com, registered by Gretech Corp., was initially registered in September of 2003 through GABIA, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Seoul, Seoul-T'Ukpyolsi, Korea, on the Asia Pacific Network Information Centre network.
Registrar:
GABIA, INC.

Server location:
Seoul-T'Ukpyolsi, Korea (KR)

Create date:
Thursday, September 18, 2003

Expires date:
Sunday, September 18, 2016

Updated date:
Tuesday, August 11, 2015

ASN:
AS4766 KIXS-AS-KR Korea Telecom

Root domain:

Scanner detections:
Detections (54% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.GRETECH.Installer.Meta (L), PUP.GRETECH.GretechC.Installer.Meta (L), PUP.Gretech.GretechC.Installer.Meta (L), PUP.Gretech.Installer.Meta (L), PUP.Gretech (L) | 100.00% |
| Agnitum Outpost | Packed/RLPack | 3.70% |
| McAfee Web Gateway | Artemis | 3.70% |
| Jiangmin | Trojan/JboxGeneric.ivw | 3.70% |
| McAfee | Artemis!8F360855CE8B | 3.70% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.70% |
| Rising Antivirus | PE:Trojan.Win32.Generic.1313BCE2!320060642 | 3.70% |
| F-Prot | W32/RLPacked.A.gen | 3.70% |
| Trend Micro House Call | Suspicious_GEN.F47V0223 | 3.70% |
| K7 AntiVirus | Unwanted-Program | 3.70% |
| IKARUS anti.virus | AdWare.AdSpy | 3.70% |

The domain app.gomtv.com has been seen to resolve to the following 5 IP addresses.

February 14, 2014

February 14, 2014

February 14, 2014

February 14, 2014

February 14, 2014

File downloads found at URLs served by app.gomtv.com.

0 / 68
http://app.gomtv.com/.../GOMPLAYERSETUP.EXE  (4ddc29bb18fb8a3b887b9c183976ce98)

0 / 68
http://app.gomtv.com/.../GOMPLAYER9XSETUP.EXE  (ecf71d71e3d734461e246a35885cc11f)

1 / 68 (PUP)
https://app.gomtv.com/.../GOMPLAYER2KSETUP.EXE  (c68d875956b9bba228be601e1c328748)

0 / 68
http://app.gomtv.com/.../GOMAUDIOSETUP.EXE  (2909cc01fd0e2b49add9f53641d746e5)

0 / 68
https://app.gomtv.com/.../GOMMIXSETUP.EXE  (b9b3fadd4606537a165600d953123c6c)

1 / 68 (PUP)
http://app.gomtv.com/.../GOMRECORDERSETUP.EXE  (380ba8c07d3d3e93c3cd5b9fb4c8dd66)

URL:
http://app.gomtv.com/

Google Analytics:
UA-50748759

Title:
“곰TV - 함께하는 즐거운 TV . All About Video”

SSL certificate subject:
CN=*.gomtv.com, OU=IT Team, O=Gretech Corp., L=Gangnam-gu, S=SEOUL, C=KR

SSL certificate issuer:
CN=thawte SSL CA - G2, O="thawte, Inc.", C=US

Web server:
Apache (PHP/5.3.21)